Here is an article addressing an important topic, and written by someone who knows a thing or two about security having previously edited SC Magazine. So how, therefore, can it be possible for this lengthy piece to make absolutely no reference to ISO 27001?
Many of the measures suggested by interviewees are spot on, but where is the glue that holds all of these ideas together? This is precisely what ISO 27001 is for and it would be good to see titles like ComputerWeekly doing more to champion this vital management tool.
